电信科学 ›› 2017, Vol. 33 ›› Issue (10): 71-80.doi: 10.11959/j.issn.1000-0801.2017241
王永建1,宋爱波1,叶亚伟2,姜海波3
修回日期:
2017-10-11
出版日期:
2017-10-01
发布日期:
2017-11-13
作者简介:
王永建(1981-),男,东南大学计算机科学与工程学院博士生,主要研究方向为云安全、大数据处理。|宋爱波(1970-),男,博士,东南大学计算机科学与工程学院教授、博士生导师,主要研究方向为云计算、大数据处理。|叶亚伟(1981-),男,中国通信建设集团设计院有限公司工程师,主要研究方向为云计算。|姜海波(1981-),男,国网河南省电力公司检修公司高级工程师,主要研究方向为电网系统数据安全。
基金资助:
Yongjian WANG1,Aibo SONG1,Yawei YE2,Haibo JIANG3
Revised:
2017-10-11
Online:
2017-10-01
Published:
2017-11-13
Supported by:
摘要:
“互联网+”催生了许多新的经济形态与商业模式,公有云面临着严峻的安全挑战。研究了公有云数据安全问题,并提出了研究思路。首先,分析了同态加密的概念、加法同态加密与乘法同态加密的特点以及当前的研究成果和需要解决的难题。然后,根据乘法同态加密算法、散列表和相似性理论,提出了一种数据安全保护方案,并阐述了具体实现流程,采用欧氏距离检验公有云中加密数据的相似性与完整性。最后,理论分析了该方案的正确性与安全性。仿真实验验证了该方案的可行性与有效性。
中图分类号:
王永建,宋爱波,叶亚伟,姜海波. 面向“互联网+”的公有云数据安全[J]. 电信科学, 2017, 33(10): 71-80.
Yongjian WANG,Aibo SONG,Yawei YE,Haibo JIANG. Data security for internet plus in public cloud[J]. Telecommunications Science, 2017, 33(10): 71-80.
[1] | MCMILLAN R . Cloud computing a ‘security nightmare’,says Cisco CEO[EB/OL].(2014-07-02)[2016-10-09]. . |
[2] | HARAUZ J , KAUFMAN L M , POTTER B . Data security in the world of cloud computing[J]. IEEE Security & Privacy, 2009,7(4): 61-64. |
[3] | GUO F D , ZHANG M , ZHANG Y ,et al. Study on cloud computing security[J]. Journal of Software, 2011,22(1): 71-83. |
[4] | 王笑帝, 张云勇, 刘镝 ,等. 云计算虚拟化安全技术研究[J]. 电信科学, 2015,31(6): 8-12,24. |
WANG X D , ZHANG Y Y , LIU D ,et al. Research on security of virtualization on cloud computing[J]. Telecommunications Science, 2015,31(6): 8-12,24. | |
[5] | 张逢喆 . 公共云计算环境下用户数据的隐私性与安全性保护[D]. 上海:复旦大学, 2010. |
ZHANG F Z . Privacy and security protection of user data in public cloud computing environment[D]. Shanghai:Fudan University, 2010. | |
[6] | CHOI S G , HWANGY K W , KATZ J ,et al. Secure multi-party computation of boolean circuits with applications to privacy in online marketplaces[M]. Berlin: Springer Berlin HeidelbergPress, 2012. |
[7] | AGRAWAL R , SRIKANT R . Privacy-preserving data mining[J]. Application Research of Computers, 2000,29(2): 439-450. |
[8] | LOFTUS J , SMART N P . Secure outsourced computation[M]. Berlin: Springer Berlin HeidelbergPress, 2010. |
[9] | TOFT T , . Secure data structures based on multi-party computation[C]// The 30th Annual ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing,June 6-8,2011,San Jose,California,USA. New York:ACM Press, 2011: 291-292. |
[10] | 刘明辉, 张尼, 张云勇 ,等. 云环境下的敏感数据保护技术研究[J]. 电信科学, 2014,30(11): 2-8. |
LIU M H , ZHANG N , ZHANG Y Y ,et al. Research on sensitive data protection technology on cloud computing[J]. Telecommunications Science, 2014,30(11): 2-8. | |
[11] | 李浪, 余孝忠, 杨娅琼 ,等. 同态加密研究进展综述[J]. 计算机应用研究, 2015(11): 3209-3214. |
LI L , YU X Z , YANG Y Q ,et al. Survey on homomorphic encryption technology[J]. Application Research of Computers, 2015(11): 3209-3214. | |
[12] | 李顺东, 窦家维, 王道顺 . 同态加密算法及其在云安全中的应用[J]. 计算机研究与发展, 2015,52(6): 1378-1388. |
LI S D , DOU J W , WANG D S . Survey on homomorphic encryption and its applications to cloud security[J]. Journal of Computer Research and Development, 2015,52(6): 1378-1388. | |
[13] | RIVEST R , ADLEMAN L , DERTOUZOS M . On data banks and privacy homomorphisms[J]. Foundations of Secure Computation, 1978,4(11): 169-180. |
[14] | 任福乐, 朱志祥, 王雄 . 基于全同态加密的云计算数据安全方案[J]. 西安邮电大学学报, 2013,18(3): 92-95. |
REN F L , ZHU Z X , WANG X . A cloud computing security solution based on fully homomorphic encryption[J]. Journal of Xi’an University of Post and Telecom, 2013,18(3): 92-95. | |
[15] | 王辉 . 同态加密的分析与优化[D]. 杭州:杭州电子科技大学, 2012. |
WANG H . Homomorphic encryption:analysis and optimization[D]. Hangzhou:Hangzhou Dianzi University, 2012. | |
[16] | ELGAMAL T . A public-key cryptosystem and a signature scheme based on discrete logarithms[J]. IEEE Transactions on Information Theory, 1985,31(4): 469-472. |
[17] | PAILLIER P , . Public-key cryptosystems based on composite degree residuosity classes[C]// The 17th international conference on Theory and application of cryptographic techniques,May 2-6,1999,Prague,Czech Republic. New York:ACM Press, 1999: 223-238. |
[18] | BENALOH J . Verifiable scret-ballot elections[D]. New Haven:Yale University, 1988. |
[19] | OKAMOTO T , UCHIYAMA S . A new public-key cryptosystem as secure as factoring[C]// International Conference on the Theory & Applications of Cryptographic Techniques,May 31-June 4,1998,Espoo,Finland. Berlin:Springer, 1998: 308-318. |
[20] | NACCACHE D , STERN J . A new public key cryptosystem based on higher residues[C]// The 5th ACM Conference on Computer and Communications Security,November 2-5,1998,San Francisco,California,USA. New York:ACM Press, 1998: 59-66. |
[21] | DAN B , GOH E J , NISSIM K . Evaluating 2-DNF formulas on cipher texts[C]// The 2nd International Conference on Theory of Cryptography,February 10-12,2005,Cambridge,England. Berlin:Springer, 2005: 325-341. |
[22] | FELLOWS M , KOBLITZ N . Combinatorial cryptosystems galore[J]. Contemporary Mathematics, 1994(1): 51-61. |
[23] | GENTRY C , . Fully homomorphic eneryption using ideal lattices[C]// The 41st Annual ACM Symposium on Theory of Computing,May 31-June 2,2009,Bethesda,MD,USA. New York:ACM Press, 2009: 169-178. |
[24] | GENTRY C . A fully homomorphic encryption scheme[D]. Stanford:Stanford University, 2009. |
[25] | DIJK M V , GENTRY C , HALEVI S ,et al. Fully homomorphic encryption over the integers[C]// The 29th Annual international conference on Theory and Applications of Cryptographic Techniques,May 30-June 3,2010,French Riviera,France. New York:ACM Press, 2010: 24-43. |
[26] | STEHLE D , STEINFELD R . Faster fully homomorphic encryption[C]// The l6th Int Conf on the Theory and Application of Cryptology and Information Security,December 5-9,2010,Singapore. Berlin:Springer, 2010: 377-394. |
[27] | CORON J S , MANDAL A , NACCACHE D ,et al. Fully homomorphic encryption over the integers with shorter public keys[C]// Conference on Advances in Cryptology,August 14-18,2011,Santa Barbara,CA,USA. New York:ACM Press, 2011: 487-504. |
[28] | BRAKERSKI Z , GENTRY C . Fully homomorphic encryption without boot-strapping[J]. ACM Transactions on Computation Theory, 2015,6(3): 1-36. |
[29] | BRAKERSKI Z . Fully homomorphic encryption without modulus switching from classical GapSVP[M]. Berlin: Springer Berlin HeidelbergPress, 2012. |
[30] | GENTRY C , SAHAI A , WATERS B . Homomorphic encryption from learning with errors conceptually-simper,asymptotically-faster,attribute-based[M]. Berlin: Springer Berlin HeidelbergPress, 2013. |
[31] | BRAKERSKI Z , VAIKUNTANATHAN V . Efficient fully homomorphic encryption from (standard) LWE[J]. SIAM Journal on Computing, 2014,43(2): 831-871. |
[32] | WANG T , YU J P , YANG Y J . Linear homomorphic encryption scheme for privacy protection of cloud storage[J]. Journal of Signal Processing, 2013,29(11): 1463-1469. |
[33] | 汤殿华, 祝世雄, 王林 ,等. 基于RLWE的全同态加密方案[J]. 通信学报, 2014,35(1): 173-182. |
TANG D H , ZHU S X , WANG L ,et al. Fully homomorphic encryption scheme from RLWE[J]. Journal on Communications, 2014,35(1): 173-182. | |
[34] | LIANG M . Quantum fully homomorphic encryption scheme based on universal quantum circuit[J]. Quantum Information Processing, 2014,14(8): 1-11. |
[35] | DULEK Y , SCHAFFNER C , SPEELMAN F . Quantum homomorphic encryption for polynomial-sized circuits[M]. Berlin: Springer Berlin HeidelbergPress, 2016. |
[36] | 陈智罡, 宋新霞, 赵秀凤 . 一个LWE上的短公钥多位全同态加密方案[J]. 计算机研究与发展, 2016,53(10): 2216-2223. |
CHEN Z G , SONG X X , ZHAO X F . A multi-bit fully homomorphic encryption with better key size from LWE[J]. Journal of Computer Research and Development, 2016,53(10): 2216-2223. | |
[37] | 刘立坤 . 基于噪音添加和欧几里德距离的隐私保护数据挖掘方法[D]. 长春:吉林大学, 2011. |
LIU L K . Privacy-preserving data mining method based on noise additive and Euclidean distance[D]. Changchun:Jilin University, 2011. | |
[38] | YANG D X , LIU L M , YANG B . Secure Euclidean distance computation in the presence of malicious adversaries[J]. Computer Engineering and Applications, 2015,51(24): 109-113. |
[39] | KIKUCHI H , NAGAI K , OGATA W ,et al. Privacy-preserving similarity evaluation and application to remote biometrics authentication[J]. Soft Computing, 2014(5): 529-536. |
[40] | BARNI M , BIANCHI T , CATALANO D ,et al. Privacy-preserving fingercode authentication[C]// The 12th ACM workshop on Multimedia and security,September 9-10,2010,Roma,Italy. New York:ACM Press, 231-240. |
[41] | YANG B , LI S D , ZHOU S F . Privacy-preserving online transaction scheme based on El Gamal signature[J]. Application Research of Computers, 2014,31(12): 3707-3710. |
[42] | ZHANG C . Realization of information hiding using picture as carrier[J]. Journal of Mudanjiang Normal University (Sci.&Tech.), 2008(1): 20-21. |
[43] | HOWGRAVE-GRAHAM N . Approximate integer common divisors[M]. Berlin: Springer Berlin HeidelbergPress, 2001: 51-66. |
[44] | DIJK M V , GENTRY C , HALEVI S ,et al. Fully homomorphic encryption over the integers[C]// International Conference on Theory& Applications of Cryptographic Techniques,May 30-June 3,2010,French Riviera,France. New York:ACM Press, 2010: 24-43. |
[45] | 何文才, 杜敏, 刘培鹤 ,等. 基于 Paillier 同态的无线自组网组密钥管理方案[J]. 计算机科学, 2013,40(10): 114-118. |
HE W C , DU M , LIU P H ,et al. Wireless Ad-hoc network group key management scheme based on Paillier homomorphic[J]. Computer Science, 2013,40(10): 114-118. | |
[46] | 程帅, 姚寒冰 . 基于同态加密的密文全文检索技术的研究[J]. 计算机科学, 2015,42(6A): 413-416. |
CHENG S , YAO H B . Study of cipher text retrieval based on homomorphic encryption[J]. Computer Science, 2015,42(6A): 413-416. | |
[47] | HOWGRAVE-GRAHAM N . Approximate inter commondivisors[M]. Berlin: Springer Berlin HeidelbergPress, 2001. |
[48] | LI J , CHEN S C , SONG D J . Security structure of cloud storage based on homomorphic encryption scheme[C]// IEEE International Conference on Cloud Computing & Intelligent Systems,Oct 30-Nov 1,2012,Hangzhou,China. New Jersey:IEEE Press, 2012: 224-227. |
[1] | 杨安邦,钱江波,董一鸿,陈华辉. 基于列表监督的Hash排序算法[J]. 电信科学, 2019, 35(5): 78-85. |
[2] | 月球,刘芹,杨小乐,毕晓飞,朱师萱. 公有云大规模资源池部署SDN的应用[J]. 电信科学, 2018, 34(6): 115-122. |
[3] | 李斐,陈恳,李萌,郭春梅. 一种基于运动相似熵的人群异常行为检测[J]. 电信科学, 2017, 33(5): 90-98. |
[4] | 任建新,陈华辉. 一种自适应子空间相似性搜索方法[J]. 电信科学, 2015, 31(7): 63-74. |
[5] | 司伟,王峰. 云备份解决方案[J]. 电信科学, 2015, 31(7): 125-131. |
[6] | 江家仁. 虚拟化安全——公有云安全的核心关键问题[J]. 电信科学, 2015, 31(12): 121-124. |
[7] | 雷凯,袁梦. NDN下DHT算法的设计与实现[J]. 电信科学, 2014, 30(12): 48-54. |
[8] | 张彪,李川,徐洪宇,李艳梅,杨宁,罗谦. 基于特征子图的异构信息网络节点相似性度量 *[J]. 电信科学, 2014, 30(11): 66-72. |
[9] | 王政,丁勇,李新国,柳毅. 基于PACDP的全同态加密方案的一种攻击方法[J]. 电信科学, 2013, 29(3): 85-89. |
[10] | 李金双,李凤云. 移动社会网络中用户相似性计算的隐私保护研究[J]. 电信科学, 2013, 29(10): 119-122. |
[11] | 钱萍,吴蒙. 无线传感器网络隐私保护方法[J]. 电信科学, 2013, 29(1): 23-51. |
[12] | 肖禄,黄韬,刘江,魏亮. 一种基于物理拓扑的DHT物联网解析机制 *[J]. 电信科学, 2012, 28(6): 25-32. |
[13] | 李丹凤,张治中. NGN网络监测系统中BICC协议的研究与应用[J]. 电信科学, 2012, 28(3): 68-72. |
[14] | 钱萍,吴蒙. 无线传感器网络隐私保护方法[J]. 电信科学, 2012, 28(12): 68-76. |
[15] | 吴俊,徐溟. 公有云服务计费模式比较研究[J]. 电信科学, 2012, 28(1): 127-132. |
阅读次数 | ||||||
全文 |
|
|||||
摘要 |
|
|||||
|